Data requirements for "What is our target architecture?"

This business question looks at the business support provided by applications to business capabilities and the organizations that use the applications. In Alfabet FastLane, the relationship between applications, business capabilities, and organizations is represented by the object class Business Support.

MM_WhatIsOurTargetArchitecture 

To have meaningful data for the business question What is our target architecture?, you must import and capture the following information about the applications, business capabilities, and organizations in your company:

Class Attribute Mandatory Explanation

Application

Name

x

The application name.

Version

x

The version number for the application. It is recommended that you document major and minor release versions (<MajorVersion.MinorVersion>).

Start Date

x

The start date is the date when the application is actively used.

End Date

x

The end date is the date when the application is no longer used.

Object State

x

Describes the use of the application in the real word. This can be understood as the operational status of the application. Possible values are:

  • Plan: The application is proposed to be used and still in the stages of planning and building.
  • Active: The application is currently being used. The active period begins with the application's start date and stops with the end date.
  • Retired: The application is no longer used.

The object state should be changed from Plan to Active once the application's start date is reached. It should be changed to Retired when the application's end data is reached.

Status

x

Specifies the approval status of an application and determines whether or not the application can be edited or deleted. Possible values are:

  • Draft: The application has only mandatory data defined.
  • Under Review: The application is documented and being reviewed. An application with this release status cannot be deleted.
  • Approved: The application has been approved by the responsible stakeholders. An application cannot be deleted when it has an approved release status. An application with this release status cannot be deleted.
  • Data imported: The data regarding this application has been imported from an external system. Additional changes may be required to improve the data quality. An application with this release status can be deleted.
  • Trash: The application is no longer valid and can be deleted.

Architecture Type

The architecture type of the application: Possible values are:

  • Client-Server: The application divides tasks or workloads between the providers and consumers of a resource or service.
  • Cloud-Based: The application runs on SaaS cloud environments. The cloud infrastructure could be local or remote to the organization.
  • Distributed: The application runs on multiple computers within a network. The network boundary can extend from private intranets to public clouds.
  • External Webpage: The application is an external resource represented through a web link.
  • Mainframe: The application is used by large organizations to carry out critical processing tasks such as bulk processing of data, transactions, planning or statistical activities.
  • Stand-Alone: The application is a self-contained application that does not rely on external entities to complete a task.
  • Unknown: The architecture type has not yet been assessed.

Authentication

The authentication method used for the application.

  • Autonomous: The application supports autonomous methods such as Direct Autonomous Authentication (DAA) for authentication. This can be carried out through mobile or remote authentication systems.
  • Basic Access: The applications support basic authentication based on a username and password. Protocols and layers such as HTTPS, SSL. or TLS could be used to enhance security, but these are not mandatory.
  • Multi-Factor: The application requires more than one method of authentication from independent verification sources to verify the transactional identity.
  • Multi-Factor & SSO: The application supports both multi-factor authentication (MFA) and single sign-on (SSO) authentication methods.
  • No Authentication: The application does not support authentication.
  • Single Sign-On: The application supports the use of a single ID and password to gain access to several related or unrelated systems.
  • Unknown: The authentication mode has not yet been assessed.

Development Type

The application development type.

  • Bespoke: The application was created specifically to address a unique use case.
  • COTS - Configured: A commercial off-the-shelf application that has been configured or supports configuration to fulfill the requirements of the enterprise and is fully supported and upgrade-stable.
  • COTS - Customized: A commercial off-the-shelf application that is customized or contains organization-specific code/programming to suit the requirements of the enterprise.
  • Unknown: The application development type has not yet been assessed.

Recommendation

The strategic recommendation regarding future investment for the application. Possible values are:

  • Tolerate: Invest in the application.
  • Invest: Consider the application as a migration candidate.
  • Migrate: Sundown the application.
  • Eliminate: Discontinue the application.

Strategic Application

Indicates whether the application is strategic for the business.

Application Assessment: Geographical Reach

Indicator to evaluate an application's area of usage and distribution reach. This allows you to determine the geographical reach of your portfolio based on application local, regional, or global usage. .

  • 0- Local
  • 1- Regional
  • 2- Global

Application Assessment: Mobile Capability

Indicator to evaluate whether an application is complaint for mobile platforms. An application that fully supports all mobile platforms (Smartphones, Tablets, Smart TVs, Smart Watches, etc.) is considered to be fully mobile-compliant. An application supporting one or many but not all of the mobile platforms is considered to partially mobile-compliant.

  • 0- Not Supported
  • 1- Only Mobile Website
  • 2- Partially Supported
  • 3- Fully Supported

Application Assessment: Multi Language Support

Indicator to evaluate the level of support an application provides for multiple languages: 0- Unknown, 1- No, 2- Yes

Application Assessment: Number of Users

Indicator to evaluate sthe number of users using this application.

  • 0: 0
  • 1: 1-10
  • 2: 11-100
  • 3: 101-1.000
  • 4: 1.001-10.000
  • 5: >10.000

Application Assessment: SCA Compliance

Strong Customer Authentication (SCA) is a European regulatory requirement to reduce fraud and make online payments more secure. SCA requires authentication to use at least two of the following three elements: 1. Something the customer knows (PIN/Password), 2. Something the customer has (Phone/Hardware token), 3. Something the customer is (Fingerprint/Face recognition). Possible values are: 0- Not required, 1- No but required, 2- Yes

Application Classification: 1 Confidentiality

1-Not Critical 2-Essential 3-Critical.

Application Classification: 2 Integrity

1-Not Critical 2-Essential 3-Critical.

Application Classification: 3 Availability

1-Not Critical 2-Essential 3-Critical.

Application Classification: DPIA Rating

A data protection impact assessment (DPIA) is a privacy-related assessment whose objective is to identify and analyze certain actions or activities that might affect data privacy. Under the GDPR regulations, data protection impact assessments are mandatory in certain cases such as when profiling activities are carried out using personal data. Possible values are: 5- Very High, 4- High, 3- Medium, 2- Low, 1- Very Low, 0- Not Required

Disaster Recovery: Recovery Point Objective (Hrs)

Indicator to evaluate the recovery point objective in hours: 0-< 1 Hr 1-1-2 Hr 2-2-3 Hrs 3-3-5 Hrs 4-5-12 Hrs 5-> 12 Hrs.

Disaster Recovery: Recovery Time Objective (Hrs)

Indicator to evaluate the recovery time objective in hours: 0-< 1 Hr 1-1-2 Hr 2-2-3 Hrs 3-3-5 Hrs 4-5-12 Hrs 5-> 12 Hrs.

Cloud Assessment: Peak Workloads

1-No 2-Yes (Exceptionally) 3-Yes (Regularly).

Cloud Assessment: License Eligible for Cloud

1-No 2-Yes.

Business Capability

This business question requires the availability of at least 2 levels of business capabilities in your portfolio.

Level ID

x

The hierarchical number of the business capability in the business capability hierarchy. For example: 1, 1.1, 1.1.1, 1.2, 1.2.1, etc.

Necessary for the visualization.

Name

x

The level ID and name of the business capability is displayed in the boxes of the heat map.

Business Relevance

Indicates how relevant the business capability is for the business:

  • Mission Critical: The business capability is crucial to the organization's business and therefore essential to the accomplishment of the vision, goals and objectives.
  • Business Evolving: The business capability responds to internal and external change and helps to support the necessary steps to transition the organization's business.
  • Business Enabling: The business capability is currently core to the business of the organization and describes what currently exists in the business.
  • Business Operating: The business capability is not unique to the business but does provide the support required to operate the business. Because it is not unique to the business, it does not constitute a core business capability.

Parent Business Capability

x

Every business capability on the second level of the hierarchy and lower should have a parent business capability defined.

Reference for Application provides Business Capability

Business Capability

x

The business capability that is supported by the application.

Application

The application supporting the business capability.

Organization

Name

Parent Organization

Every organization on the second level of the hierarchy and lower should have a parent organization defined.

Reference for Application used by Organization

Organization

x

The organization that uses the application.

Application

The application used by the organization.